IBM Bluemix在spring boot应用程序上强制执行https(Jhipster生成) [英] IBM Bluemix enforcing https on spring boot application(Jhipster generated)
问题描述
我需要在部署在IBM Bluemix上的spring-boot应用程序(生成jhipster)上强制执行https。我正在部署没有嵌入式tomcat的spring-boot war,cloudfoundry的文档指定java build pack本身为Tomcat配置了RemoteIPValve ,所以我不需要在StackoverFlow上添加许多答案所指定的下面的标题。
I need to enforce https on spring-boot application(jhipster generated) deployed on IBM Bluemix.I am deploying spring-boot war without embedded tomcat, the documentation for cloudfoundry specified that the java build pack itself provides Tomcat configured with a RemoteIPValve, so I need not to add below headers as specified by many answers on StackoverFlow.
server.tomcat.remote_ip_header=x-forwarded-for
server.tomcat.protocol_header=x-forwarded-proto
我还添加了安全配置中的代码下面
I have also added below code in security configuration
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requiresChannel().anyRequest().requiresSecure();
}
我的应用程序仍未被重定向到https。
Still my app is not not get redirected to https.
另外,如果在bluemix域上执行https,我也有疑问,同样的自定义域工作也一样吗?
Also I have a doubt like once if enforcing https is done on bluemix domains , will the same work for custom domains also?
谢谢,
Vasu
Thanks, Vasu
推荐答案
应用程序Yaml配置
服务器:
Application Yaml configuration
server:
tomcat:
remote_ip_header: x-forwarded-for
protocol_header: x-forwarded-proto
以上tomcat标头告诉服务器原始请求是http还是https,
The above tomcat headers tell server whether the original request is http or https,
if(profile.equalsIgnoreCase(Constants.SPRING_PROFILE_PRODUCTION))
{
http.requiresChannel()。anyRequest()。requiresSecure(); }
if (profile.equalsIgnoreCase(Constants.SPRING_PROFILE_PRODUCTION)) { http.requiresChannel().anyRequest().requiresSecure(); }
这篇关于IBM Bluemix在spring boot应用程序上强制执行https(Jhipster生成)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!